
In a rapidly transforming threat landscape, cyber defense solutions must be both innovative and flexible to harden organizational security against ever-evolving adversarial attacks. While current signature detection techniques effectively combat known attack structures, they are inherently reactive and require significant time to respond to sophisticated attacks. These challenges are compounded by the individualized characteristics of a given network, as each demands a system that understands its unique threats. Cybersecurity experts face the challenge of building flexible solutions that can learn the norms of a given network while rapidly adapting to defend against new attack structures. Generating timely identification of cyber threats hidden within the high volume of data generated by a network is an industry-wide problem that continues to challenge and stress organizations' cybersecurity operations.

Cybersecurity incidents are among the greatest concerns of businesses, government agencies, and private citizens today. In the modern world, protecting our data and information assets is nearly as important as maintaining the security of our physical assets. It should not be surprising, then, that data analytics play a key role in cybersecurity. Analytics and machine intelligence, a field concerned with producing machines able to autonomously perform tasks that would normally require human intelligence, can drive an organization from reactive to proactive when coupled with organizational change. This capability enables organizations of all types to move from simply measuring signals (data), to creating sentinels (machine learning algorithms), and then to sense-making (actionable machine intelligence).

The nature, scale, and diversity of the cybersecurity threats that the modern organization faces mean that leveraging the power of automated security tools is a necessity. Large enterprises can generate billions of distinct system logs and events each day. Manually poring through such information is impossible. Security software and automated tools make the process of sifting through such security data quick and efficient. Among the different categories of cybersecurity tools an organization could use to enforce its security policies, security analytics software is among the most critical.

A recent Compliance Week story on how artificial intelligence could revolutionize compliance depicted how technology firms "are offering software platforms that promise to automate otherwise routine tasks and improve upon fraud detection audits, anti-money laundering protocols, and know-your-customer screening." With the advent of cybersecurity attacks, developers of advanced artificial intelligence security monitoring solutions have also emerged. However, understanding when and how often monitoring solutions should be executed presents trade-offs to be considered. Legacy approaches to risk monitoring look for recognized threats by known signatures and pre-built event detection logic. Often these standby methods are confined by technology and, as a result, are not aligned to business risk.

I know how terrible healthcare records theft can be. I myself have been the victim of a data theft by hackers who stole my deceased father's medical files, running up more than $300,000 in false charges. I am still disputing ongoing bills that have been accruing for the last 15 years. This event led me on the path to finding a solution so others would not suffer the consequences that I continue to be impacted by, but hospitals and other healthcare providers must be willing to make the change. The writing is on the wall.